
Chapter 12 – Hash and MAC Algorithms
Hash Functions
• “Hash Function maps a message of any length into fixed-length hash value, which serves as the authenticator.”

• “A cryptographic hash function is a hash function which is considered practically impossible to invert – i.e. to recreate the input data from its hash value alone.”

• The input data is called the message, and the hash value is called the message digest, or simply the digest.
Properties of Hash Function
• It is easy to compute the hash value for any given
message.
• It is infeasible to generate a message that has a given
hash.
• It is infeasible to modify a message without changing
the hash.
• It is infeasible to find two different messages with
the same hash.
Applications of Hash
• Verifying the integrity of files or messages.
• Password Verification
• File or Data Identifier
• Pseudorandom generation and key derivation
Hash and MAC Algorithms
• Hash Functions
– condense arbitrary size message to fixed size
– by processing message in blocks
– through some compression function
– either custom or block cipher based
Hash Algorithm Structure
Most important modern hash functions follow this structure.
Two approaches have been followed in the design of the
compression function:
• Use of modular arithmetic and logical binary operations
• Use of a symmetric block cipher as the compression function
Rabin Scheme
Davies-Meyer Scheme
Uses forward feed to protect against meet-in-the-middle attack.
Message Digest Example
Message : 4000

4000 / 4 = 1000

Message Digest

If we change 4000 or 4, the result will not be 1000.

If we are only given 4, we cannot trace 4000.


Message Digest Example
MD5
• Developed by Ron Rivest
• Quite fast
• Processes the message in blocks of 512 bits and
produces four 32-bit blocks as the message digest
(32 × 4 = 128 bits)
MD5 Example

C File
#include<stdio.h>
void main()
{
printf("Welcome to Emulated Turbo C++\n");
printf("This Emulation is coded by Mohit Saxena\n");
printf("Enjoy Coding....\n");
}

MD5 Code: 042f248e32a652197a9a491151d90c3d


MD5 : Steps
1. Bit Padding
2. Append Length
3. Divide plain text into blocks of 512 bits
4. Initialize chaining variables (a,b,c,d)
5. Process Blocks (4 Rounds : each of 3 steps)
1. Bit Padding
• Pad the original message so that its length is equal to a
value which is 64 bits less than a multiple of
512. Append zeros to LHS.
2. Append Length
• The length of the original message is calculated and appended to the
(message + padding) bits. This gives the final data to be hashed.
3. Divide plain text into blocks of 512 bits
• The algorithm processes the message in blocks of 512 bits,
so divide the message into blocks of 512 bits.
4. Initialize Chaining Variables
5. Process Blocks
• 5.1 : Copy the four chaining variables into four corresponding
variables a, b, c and d.

• 5.2 : Divide the current 512-bit block into 16 sub-blocks.

• 5.3 : Now we have four rounds. In each round we process all
the 16 sub-blocks.
Secure Hash Algorithm (History..)
• SHA was originally designed by NIST (National Institute of
Standards and Technology) and published as a FIPS (Federal
Information Processing Standard) in 1993.

• It was revised in 1995 as SHA-1, which produces a hash value of
160 bits.

• In 2002 NIST produced a revised version of the standard,
FIPS 180-2, that defines three new versions of SHA with
hash value lengths of 256, 384 and 512 bits.
SHA-512
• Input: a message with a maximum length of less
than 2^128 bits
• Output: a 512-bit message digest
• Input is processed in 1024-bit blocks
Message Digest generation using SHA-512
• Step 1:- Append Padding Bits
– To make the message length 128 bits less than a multiple of 1024
– Padding consists of one 1 bit followed by the necessary number of
0 bits
• Step 2:- Append Length
• Step 3:- Divide the input into 1024-bit blocks
• Step 4:- Initialize chaining variables
– a = 6A09E667F3BCC908   e = 510E527FADE682D1
  b = BB67AE8584CAA73B   f = 9B05688C2B3E6C1F
  c = 3C6EF372FE94F82B   g = 1F83D9ABFB41BD6B
  d = A54FF53A5F1D36F1   h = 5BE0CD19137E2179

– These words were obtained by taking the first sixty-four bits of the
fractional parts of the square roots of the first eight prime numbers.
• Step 5:- Process Blocks
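
Steps 1 to 4 above, worked through in Python as an added example (not part of the original slides): it derives the eight chaining variables from the square roots of the first eight primes and pads a message to whole 1024-bit blocks. The function names are assumptions chosen for this illustration, and the sample messages are constructed.

```python
from math import isqrt

MASK64 = (1 << 64) - 1

def first_primes(n):
    """Return the first n primes by trial division (fine for n = 8)."""
    primes, candidate = [], 2
    while len(primes) < n:
        if all(candidate % p for p in primes):
            primes.append(candidate)
        candidate += 1
    return primes

def sha512_initial_values():
    """Step 4: first 64 fractional bits of sqrt(p) for the first eight primes.

    floor(sqrt(p) * 2**64) equals isqrt(p << 128); masking to 64 bits drops
    the integer part, and integer arithmetic avoids floating-point error.
    """
    return [isqrt(p << 128) & MASK64 for p in first_primes(8)]

def sha512_pad(message: bytes) -> bytes:
    """Steps 1 and 2: pad to 128 bits short of a multiple of 1024, append length."""
    bit_length = len(message) * 8
    padded = message + b"\x80"                       # one 1 bit, then seven 0 bits
    padded += b"\x00" * ((112 - len(padded)) % 128)  # 0 bits up to 896 mod 1024
    return padded + bit_length.to_bytes(16, "big")   # 128-bit length field

def split_blocks(padded: bytes):
    """Step 3: divide the padded input into 1024-bit (128-byte) blocks."""
    return [padded[i:i + 128] for i in range(0, len(padded), 128)]

if __name__ == "__main__":
    for name, word in zip("abcdefgh", sha512_initial_values()):
        print(f"{name} = {word:016X}")
    # Constructed messages around the padding boundary (111 vs 112 bytes).
    for size in (0, 3, 111, 112, 200):
        blocks = split_blocks(sha512_pad(b"A" * size))
        print(f"{size:3d}-byte message -> {len(blocks)} block(s)")
```

A 111-byte message still fits in one block, while a 112-byte message needs a second block because the 1 bit and the 128-bit length field no longer fit in the first.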
SHA-512 Round Function
Message Authentication
• A procedure to verify that a received message comes from the
trusted source and has not been altered.

• It may also verify sequencing and timeliness.

• Message authentication is a mechanism or service used to
verify the integrity of the message.
Message Authentication: Requirements

• Message authentication could be able to remove
– Release of message content
– Traffic Analysis
– Masquerade
– Content Modification
– Sequence Modification
– Timing Modification
– Nonrepudiation
Message Encryption
Message Authentication Code
• An alternative authentication technique
• Involves the use of a secret key to generate a small fixed-size
block of data, known as a cryptographic checksum or MAC that
is appended to the message.
• This technique assumes that two communicating parties, say A
and B, share a common secret key K.
• When A has a message to send to B, it calculates the MAC as a
function of the message and the key: MAC = C(K, M), where
– M = input message
– C = MAC function
– K = shared secret key
– MAC = message authentication code
Message Authentication Code
• The message plus MAC are transmitted to the intended
recipient.
• The recipient performs the same calculation on the received
message, using the same secret key, to generate a new MAC.
The received MAC is compared to the calculated MAC.
Message Authentication Code
• If the received MAC matches the calculated MAC, then the
receiver is assured that the message has not been altered.

• The receiver is assured that the message is from the proper
sender. Because no one else knows the secret key, no one else
could prepare a message with a proper MAC.

• If the message includes a sequence number (such as is used
with HDLC, X.25, and TCP), then the receiver can be assured of
the proper sequence because an attacker cannot successfully
alter the sequence number.
MAC
Hash Vs MAC
• Hashes are used to guarantee the integrity of
data; a MAC guarantees integrity AND
authentication.
• A MAC uses a secret key (private to the communicating
parties) as the seed to the hash function it uses when
generating the code.
Hash Vs MAC

HASH FUNCTION: A function that maps a message
of any length into a fixed length hash value, which
serves as the authenticator.

MAC: A function of the message and a secret key that
produces a fixed length value that serves as the
authenticator.
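
The MAC exchange between A and B and the hash-versus-MAC distinction above, as an added Python example (not part of the original slides). It assumes the MAC function C is HMAC-SHA-256 and that the sequence number is included in the authenticated data; the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

def compute_mac(key: bytes, seq: int, message: bytes) -> bytes:
    """MAC = C(K, M). C is assumed here to be HMAC-SHA-256, and the
    sequence number is included in the authenticated data."""
    return hmac.new(key, seq.to_bytes(8, "big") + message, hashlib.sha256).digest()

def send(key: bytes, seq: int, message: bytes) -> dict:
    """Sender A: transmit the message plus its MAC."""
    return {"seq": seq, "msg": message, "mac": compute_mac(key, seq, message)}

class Receiver:
    """Receiver B: recompute the MAC with the shared key and compare."""
    def __init__(self, key: bytes):
        self.key, self.expected_seq = key, 0

    def accept(self, packet: dict) -> str:
        calculated = compute_mac(self.key, packet["seq"], packet["msg"])
        # compare_digest runs in constant time, so timing does not reveal
        # how many leading bytes of a wrong MAC were correct.
        if not hmac.compare_digest(calculated, packet["mac"]):
            return "rejected: MAC mismatch"
        if packet["seq"] != self.expected_seq:
            return "rejected: out of sequence"
        self.expected_seq += 1
        return "accepted"

def hash_only_accepts(message: bytes, digest: bytes) -> bool:
    """Unkeyed check for comparison: no secret is needed to produce a digest."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def demo() -> list:
    key = b"constructed-shared-key-K"        # constructed sample key
    receiver = Receiver(key)
    p0 = send(key, 0, b"reading=20")         # constructed sample messages
    p1 = send(key, 1, b"reading=21")
    altered = dict(p1, msg=b"reading=99")    # content changed, MAC unchanged
    renumbered = dict(p1, seq=0)             # sequence number changed
    wrong_key = send(b"not-the-shared-key", 1, b"reading=99")
    packets = [p0, altered, renumbered, wrong_key, p0, p1]
    return [receiver.accept(p) for p in packets]

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
    changed = b"reading=99"
    # A digest recomputed over the changed message passes the unkeyed check.
    print("hash-only check passes:", hash_only_accepts(changed, hashlib.sha256(changed).digest()))
```

Only the two genuine, in-order packets are accepted; the unkeyed digest check passes for any message whose digest was recomputed after the change, which is why a plain hash gives integrity against accidents but not authentication.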
